You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2006/01/12 06:03:43 UTC

[Bug 3838] Insecure dependency in eval while running setuid

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=3838


hackel@walkingfish.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |hackel@walkingfish.com




------- Additional Comments From hackel@walkingfish.com  2006-01-12 06:03 -------
I'm having a similar (or perhaps the same?) problem.  Using SpamAssassin
3.1.0a-1bpo1 from backports.org on Debian/sarge.

Two days ago, while I was out of town, SA suddenly stopped looking at about 1/3
of my messages, filling up my inbox very quickly.  My postfix log shows this
whenever this happens:

spamd[21737]: spamd: connection from localhost [127.0.0.1] at port 1921
spamd[21737]: spamd: setuid to x succeeded
spamd[21737]: spamd: Insecure dependency in eval while ru
nning setuid at /usr/share/perl5/Mail/SpamAssassin/Conf/Parser.pm line 913.

I am only using the default rules with one user rule in my account.  Moving this
rule into local.cf as suggested seemed to fix the problem.  This is the rule I
was using:

uri GEOCITIES_URL /geocities\.(yahoo\.)?com(\...)?\b/
describe GEOCITIES_URL Message contains URL for Geocities site
score GEOCITIES_URL    2.5

This has been working fine with no problem.  Nothing changed on my system--I
didn't upgrade anything, didn't change the rules or config files, nothing.  I
don't understand how it could start doing this all of a sudden.  I'm happy to
provide any additional information or debugging info as necessary.  If you
suspect this is a Debian bug I will file a separate bug report.  Thanks.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.